NAT
CST 415




3/22/2013   CST 415 - Computer Networks   1
Topics
   •    Problem Definition
   •    NAT Types
   •    NAT Addressing
   •    Dynamic NAT
   •    Overloading




Problem Definition
Network Address Translation

   • IPv4 addresses are becoming a rare commodity.
   • What is a simple way to extend the life of IP addresses until IPv6 becomes fully implemented?

   Given a single IP address, map this single IP address onto multiple IP addresses.
Problem Definition
   How can we get something for nothing?

   (e.g., how do we expand an address range without really adding more bits onto an address?)




  Problem Definition

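[Diagram: the Internet connects to the NAT device's public interface 161.82.35.22; the NAT device's private interface 192.10.10.5 connects to hosts 192.10.10.1, 192.10.10.2 and 192.10.10.3]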



• The Internet sees a single point of presence – 161.82.35.22
• The private network sees the router as a single point of presence – 192.10.10.5
• The NAT device translates from private network to external network.

NAT
  • Developed by Cisco
  • NAT is an intermediary, very much like the old days when you would call an operator to “patch” a call through for you.
  • To do this, all you needed to know was to dial “0” and then request the other party you wished to speak to.
NAT
  • As opposed to standard IP routing, NAT modifies the source and destination IP addresses in the IP header.
  • This modification is done based on mapping algorithms and tables.



NAT types
Static NAT:
   Mapping an unregistered IP address to a registered IP address on a one-to-one basis. Particularly useful when a device needs to be accessible from outside the network.

In static NAT, the computer with the IP address of 192.168.32.10 will always translate to 213.18.123.110.

NAT types
Dynamic NAT:
  Maps an unregistered IP address to a registered IP address from a group of registered IP addresses.

In dynamic NAT, the computer with the IP address 192.168.32.10 will translate to the first available address in the range from 213.18.123.100 to 213.18.123.150.




  NAT types
Overloading NAT:
  A form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports. This is also known as PAT (Port Address Translation), single address NAT or port-level multiplexed NAT.

In overloading, each computer on the private network is translated to the same IP address (213.18.123.100), but with a different port number assignment.

 NAT types
Overlapping NAT:
  When the IP addresses used on your internal network are registered IP addresses in use on another network.
     » The router must maintain a lookup table of these addresses so that it can intercept them and replace them with registered unique IP addresses.
     » The NAT router must translate the "internal" addresses to registered unique addresses as well as translate the "external" registered addresses to addresses that are unique to the private network.
     » This can be done either through static NAT or by using DNS and implementing dynamic NAT.
  NAT types
Overlapping NAT:




The internal IP range (237.16.32.xx) is also a registered range used by another network. Therefore, the router is translating the addresses to avoid a potential conflict with another network. It will also translate the registered global IP addresses back to the unregistered local IP addresses when information is sent to the internal network.

NAT Example
The use of w1.x1.y1.z1 and w2.x2.y2.z2 represents valid public IP addresses as allocated by the Internet Assigned Numbers Authority (IANA) or an ISP.

If a private user at 192.168.0.10 uses a Web browser to connect to the Web server at w2.x2.y2.z2, the user's computer creates an IP packet with the following information:
   • Destination IP address: w2.x2.y2.z2
   • Source IP address: 192.168.0.10
   • Destination port: TCP port 80
   • Source port: TCP port 1025


NAT Example

This IP packet is then forwarded to the NAT protocol, which translates the addresses of the outgoing packet to the following:
   • Destination IP address: w2.x2.y2.z2
   • Source IP address: w1.x1.y1.z1
   • Destination port: TCP port 80
   • Source port: TCP port 5000




 NAT Example
The NAT protocol keeps the mapping of {192.168.0.10, TCP 1025} to {w1.x1.y1.z1, TCP 5000} in a table.

The translated IP packet is sent over the Internet. The response is sent back and received by the NAT protocol. When received, the packet contains the following public address information:
   • Destination IP address: w1.x1.y1.z1
   • Source IP address: w2.x2.y2.z2
   • Destination port: TCP port 5000
   • Source port: TCP port 80

 NAT Example


The NAT protocol checks its translation table and maps the public addresses to private addresses and forwards the packet to the computer at 192.168.0.10. The forwarded packet contains the following address information:
   • Destination IP address: 192.168.0.10
   • Source IP address: w2.x2.y2.z2
   • Destination port: TCP port 1025
   • Source port: TCP port 80

NAT Example
   • For outgoing packets from the NAT protocol, the source IP address (a private address) is mapped to the ISP allocated address (a public address), and the TCP/UDP port numbers are mapped to a different TCP/UDP port number.
   • For incoming packets to the NAT protocol, the destination IP address (a public address) is mapped to the original intranet address (a private address), and the TCP/UDP port numbers are mapped back to their original TCP/UDP port numbers.

NAT Example

   • Packets that contain the IP address only in the IP header are properly translated by NAT. Packets that contain the IP address within the IP payload may not be properly translated by NAT.
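
The translation walked through in the NAT Example slides, as an added Python sketch that is not part of the original course material; it also shows the payload caveat, since the private address carried inside the payload leaves the network unchanged. Assumptions: the `PatRouter` class and its sequential port counter are hypothetical, 203.0.113.1 and 198.51.100.7 are constructed stand-ins for w1.x1.y1.z1 and w2.x2.y2.z2, and protocol type, mapping timeouts and port exhaustion are left out.

```python
# Added example: minimal PAT (overloading NAT) table. Addresses are constructed;
# 203.0.113.1 / 198.51.100.7 stand in for w1.x1.y1.z1 / w2.x2.y2.z2.
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes = b""

class PatRouter:  # hypothetical name, not a real library class
    def __init__(self, public_ip, first_port=5000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (private_ip, private_port) -> public_port
        self.back = {}  # public_port -> (private_ip, private_port)

    def outbound(self, pkt):
        """Rewrite source address/port of a packet leaving the private network."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out:          # first packet of a flow: allocate a port
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        # Only header fields change; the payload is copied untouched.
        return replace(pkt, src_ip=self.public_ip, src_port=self.out[key])

    def inbound(self, pkt):
        """Rewrite destination of a reply; None if no mapping exists (dropped)."""
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.back:
            return None
        ip, port = self.back[pkt.dst_port]
        return replace(pkt, dst_ip=ip, dst_port=port)

def demo():
    nat = PatRouter("203.0.113.1")
    req = Packet("192.168.0.10", 1025, "198.51.100.7", 80,
                 payload=b"my address is 192.168.0.10")
    sent = nat.outbound(req)
    reply = nat.inbound(Packet("198.51.100.7", 80, sent.src_ip, sent.src_port))
    other = nat.outbound(Packet("192.168.0.11", 1025, "198.51.100.7", 80))
    stray = nat.inbound(Packet("198.51.100.7", 80, "203.0.113.1", 6000))
    return sent, reply, other, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The second host reuses private port 1025 but receives its own public port, which is what lets one public address serve many hosts; the last packet matches no table entry and is not forwarded.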



				